A Detective’s “Need to Know More” Drives Digital Transformation for Monroe CT Police Department
“There’s no crime out there without some sort of digital element to it.”
Detective Michael Chaves, Monroe Police Department, Connecticut
Governor Ned Lamont of Connecticut has a vision of an all-digital government—a goal he’s delivering on with the state’s recent $11 Million investment in enhanced cybersecurity efforts. Bills like these are crucial at a time when, nationwide, the chances of someone using a digital device to commit a crime continue to rise.
At one of the largest forensics labs in the state, the Computer Crimes and Electronic Evidence Laboratory in Meriden, CT, a full staff investigates or assists more than 400 criminal complaints and takes in around 130 requests for computer forensic examinations per year. For the Monroe Police Department in Monroe, CT, however, digital forensics falls squarely in the hands of one man—Detective Michael Chaves.
Det. Chaves studied computer science before becoming a police officer with Monroe PD in 2004, and he said he knew early on the importance digital devices would have in investigations. In 2006, he immersed himself in digital forensics and became one of the few officers in the state with the software and equipment needed to do the work. He’s also busy teaching the next generation of forensics experts as an adjunct professor at Sacred Heart University.
“It was around 2008 or 2009 when I started noticing there’s no crime out there without some sort of digital element to it,” he said in a recent interview with Cellebrite.
Fortunately, for the state of Connecticut, forward-thinking investigators like Det. Chaves are leading the charge in law enforcement’s digital transformation, though admittedly, he said, there are still plenty of hurdles to overcome.
The Benefits of Working in a Small State
As a one-man digital forensics department, Det. Chaves relies on collaboration—a notion Governor Ned Lamont emphasized with the recent release of Connecticut’s Annual Crime Statistics Report, in which he stated, “We have a real opportunity, working together with law enforcement and community partners, to further increase public safety in Connecticut.”
While Det. Chaves has built a thriving department of his own, serving in a small state affords him the opportunity to access even more resources to help solve crimes.
“I can go anywhere within the state in an hour or less, so I have the luxury of having some great examiners within 30 minutes of where I am,” he said. “We share our resources because we don’t have all the answers—no one does—but we know where to get the answers.”
Back in 2012, for instance, Det. Chaves used his own expertise to assist with a local domestic violence case that involved access to recorded video on a flip phone. “One suspect claimed innocence. The other suspect also claimed innocence. But now you have that impartial fact right there, recorded on the actual device,” Det. Chaves explained.
We’ve come a long way since the flip phone, only adding new challenges to every case.
“We don’t have all the answers—no one does—be we know where to get the answers.”
Detective Michael Chaves, Monroe Police Department, Connecticut.
Overcoming the Challenges of Rapidly Evolving Discipline
The extraction, collection, analysis, and reporting of digital data is crucial to criminal investigations. It’s also complex and ever-changing, which can make it difficult to understand and susceptible to misrepresentation.
“A lot of the prosecutors, when I started off, had no idea what a cell phone was capable of. Many of them still don’t, but they’re using it,” Det. Chaves said. In a recent case involving a string of commercial burglaries, for example, Det. Chaves was able to use the suspect’s mobile phone, a navigation app, and closed-circuit videos to identify the suspect at the scene of each crime, but the prosecutor needed concrete confidence in the GPS data. “Sometimes we have to show them one-on-one how this stuff actually works so they can understand it and prosecute it.”
It’s also critical for frontline officers to have clear procedures in place for the collection of data to ensure it’s secure and the chain of custody is protected across agencies. After all, defendants’ attorneys are getting wiser, and they’re going to try to poke holes in anything.
“It’s not going to be the actual evidence they attack,” said Det. Chaves. “It’s always going to be what leads up to finding the evidence. That’s what defense attorneys are going to exploit to either lessen the weight of the evidence or potentially throw it out altogether.”
Tracking the Tools of the Trade
The enhanced privacy and security offered by today’s digital devices are welcomed by the vast majority of us, but they often benefit criminals who can cloak activity due to more advanced encryption.
“Encryption will always be one step ahead of us, and we need the training and tools necessary to get the job done,” Det. Chaves stressed. But attaining that training and tools requires funding—something that isn’t always available and or unbeknownst to police departments.
“We got our first forensic computer from a narcotics grant back in 2006,” he said. The grant came with a week-long training session for Chaves, and eventually, other towns came to him for assistance. While he’s always happy to provide tips on how to write grants, he also advises officers to take advantage of the many free training sessions available, such as the Federal Law Enforcement Training Centers (FLETC) in Glynco, Georgia, which houses officers during a variety of week-long courses.
Det. Chaves takes every opportunity to build up his arsenal and skills. Recently, he seized a Windows 10 laptop and iPhone 13 containing child sexual abuse material (CSAM), but couldn’t access the stored passwords or keychain needed to investigate. After parsing it, he was able to advance the investigation with Cellebrite UFED 4PC, Cellebrite Physical Analyzer, and Cellebrite UFED Cloud Analyzer.
Acquiring information from cloud service providers, which requires a warrant, can be a lengthy process for time-sensitive cases. The suspect had 50 megabytes of CSAM stored on Mega, a global cloud storage platform, but Chaves didn’t have the password to log in. That’s where Cloud Analyzer came into play. Chaves was able to use this Cellebrite solution to lawfully access and download the data on Mega to view what would become indisputable digital evidence.
Using tools like these is key to saving the time it would typically take to go through hundreds and thousands of images and videos often involved in CSAM cases.
“I don’t know if everyone subscribes to this, but I do enough to satisfy the elements necessary to prove or disprove a crime. In this case, I already had the hash analysis and optical character recognition (OCR), so I’m not going to go through 10,000 videos. I don’t need to, and I don’t have the time. Especially with a one-man shop, that’s what we have to do.”
What Worked Yesterday May Not Work Today
Getting the right person trained is key to all of this, according to Det. Chaves. “You need someone that has the desire to keep learning because this is a skill that changes daily. They need to have that little spark in them. A need to know more.”
It also helps to have solid communication skills to complement the technical know-how. Building rapport with suspected criminals and their attorneys can often get you the access you’re lacking to build the case.
“Being that stereotypical, tough-guy cop doesn’t always work,” Det. Chaves laughed. Fortunately for us, we didn’t see that side of this detective.